From: David Levine <levinedl@acm.org>
Date: Sat, 3 Nov 2018 19:03:17 +0000 (-0400)
Subject: Reduced quantities of data that could be written to a few buffers.
X-Git-Url: https://diplodocus.org/git/nmh/commitdiff_plain/23024ffad75d997bf2a85b3a65fbfdfd35f8150c?ds=sidebyside;hp=-c

Reduced quantities of data that could be written to a few buffers.

gcc 8 noticed that snprintfs could have overrun the buffers.
---

23024ffad75d997bf2a85b3a65fbfdfd35f8150c
diff --git a/uip/distsbr.c b/uip/distsbr.c
index d0db94b2..f6f54d9f 100644
--- a/uip/distsbr.c
+++ b/uip/distsbr.c
@@ -59,9 +59,11 @@ distout (char *drft, char *msgnam, char *backup)
 	    case FLD: 
 	    case FLDPLUS: 
 		if (uprf (name, "distribute-"))
-		    snprintf (name, sizeof(name), "%s%s", "Resent", &name[10]);
+		    snprintf (name, sizeof(name), "%s%.*s", "Resent", NAMESZ-7,
+			      &name[10]);
 		if (uprf (name, "distribution-"))
-		    snprintf (name, sizeof(name), "%s%s", "Resent", &name[12]);
+		    snprintf (name, sizeof(name), "%s%.*s", "Resent", NAMESZ-7,
+			      &name[12]);
 		if (!uprf (name, "resent")) {
 		    inform(BADHDR, "draft", name);
 		    goto leave_bad;
diff --git a/uip/dropsbr.c b/uip/dropsbr.c
index 0029f074..630de111 100644
--- a/uip/dropsbr.c
+++ b/uip/dropsbr.c
@@ -247,7 +247,7 @@ mbx_copy (char *mailbox, int mbx_style, int md, int fd,
 			 * If there is already a "From " line,
 			 * then leave it alone.  Else we add one.
 			 */
-			char tmpbuffer[sizeof buffer];
+			char tmpbuffer[sizeof buffer-7];
 			char *tp, *ep;
 
 			strncpy(tmpbuffer, buffer, sizeof(tmpbuffer));